WO2002093387A2 - Method and device for protecting data transmission between a central processor and a memory - Google Patents


Info

Publication number
WO2002093387A2
Authority
WO (WIPO, PCT)
Prior art keywords
key, addresses, memory, logic, encoded
Application number
PCT/IB2002/001690
Other languages
English (en), French (fr)
Other versions
WO2002093387A3 (en)
Inventor
Wolfgang Buhr
Original Assignee
Koninklijke Philips Electronics N.V.; Philips Corporate Intellectual Property Gmbh
Priority date
2001-05-17 (from priority application DE10124139A; Google notes that the priority date is an assumption, not a legal conclusion)
Filing date
2002-05-15
Publication date
2002-11-21

Classifications

    • G - PHYSICS
    • G06 - COMPUTING; CALCULATING OR COUNTING
    • G06F - ELECTRIC DIGITAL DATA PROCESSING
    • G06F 12/00 - Accessing, addressing or allocating within memory systems or architectures
    • G06F 12/14 - Protection against unauthorised use of memory or access to memory
    • G06F 12/1408 - Protection against unauthorised use of memory or access to memory by using cryptography

Definitions

  • the invention relates to a method of protecting data transmission between a central processor and a memory, in which the logic addresses supplied by the central processor are encoded with a first, unchangeably stored key.
  • the invention also relates to a data processing unit comprising a central processor which is connected to a store via address lines and data lines, and a first encryption logic arranged in the address lines which encodes the logic addresses supplied by the central processor with a first, unchangeably stored key.
  • the method is used for protecting data transmission between a central processor and a memory and particularly prevents the data in the memory from being read and used abusively.
  • the logic addresses of data used and supplied by the central processor are encoded with a first, unchangeably stored key.
  • This first key can be stored, for example, in a hardware configuration or in ROM memories (including EPROM, EEPROM, etc.).
  • the method is further characterized in that at least a part of the addresses encoded with the first key is encoded a second time with a second, changeably stored key.
  • the second encryption of the addresses with a changeable key has the advantage that the data can be individually encrypted for each data processing system of this type by providing an individual second key.
  • the method also has the advantage that the contents of the memory can be made unusable by changing or overwriting the changeable second key. This is possible without having to erase the whole memory or overwrite it with random numbers.
  • the memory is logically divided into a configuration range and a useful data range, in which the access to the configuration range is only encoded with the first key, whereas the access to the useful data range is additionally encoded with the second key.
  • as the name configuration range already indicates, the data which are relevant for the configuration of the data processing system or the central processor are preferably stored in this range. In this way, the processor can access them without knowing or using the second key.
  • the second key is preferably stored in the configuration range.
  • when the central processor is initialized, the second key can then be read from this range and subsequently be used for the second encoding operation. No additional memory is necessary for storing the second key, which is advantageous particularly in the case of smart cards.
  • those logic addresses that, upon consecutive encoding with initially the first and then the second key, assume values which correspond to the addresses of the configuration range that have been encoded with the first key only, are encoded once more with the second key before access to the memory.
  • This method has the following background. Since only the first key is used when the configuration range is stored in the memory, the configuration range collides with those addresses of the useful data range which, after encoding with both the first and the second key, land at the same site of the memory. To prevent this collision and thereby a loss of data, the second key is applied a second time to the last-mentioned addresses, so that they are passed on to those free sites that the configuration range would have occupied if both the first and the second encryption had been applied to it.
  • the encoding operations by means of the first and the second key are preferably defined in such a way that the identity is obtained in the case of dual application of the first encoding operation or dual application of the second encoding operation. Each encoding function is thus simultaneously its own inverse.
  • the second key and/or values from which addresses to be encoded with only the first key can be recognized are read or computed during the initialization of the central processor.
  • the initialization phase of the central processor can thus proceed identically in all of its systems which are equal in their hardware and the permanently stored configurations, but individual data are generated and stored for each system during the initialization phase, which data subsequently ensure an individual encryption.
  • the invention also relates to a data processing unit comprising a central processor which is connected to a memory via address lines and data lines.
  • the data processing unit also comprises a first encryption logic arranged in the address lines, which encodes the logic addresses supplied by the central processor with a first, unchangeably stored key.
  • the data processing unit is characterized in that it comprises a second encryption logic arranged in the address lines, which encodes the addresses encoded with the first key at least partly a second time with a second, changeably stored key.
  • Such a data processing unit may be particularly a smart card.
  • the data processing unit has the advantage that it allows an individual encryption or scrambling of data in the memory, independent of the first key.
  • the abusive decryption of the first encryption logic with the first key thus does not automatically provide access to the data of all, similar data processing units.
  • Each data processing unit would rather require the second key for such an access.
  • the data processing unit is further preferably designed or adapted in such a way that a method of the type described hereinbefore can be performed with this unit.
  • the data processing unit may particularly comprise a bypass logic which receives the (logic) addresses generated and/or used by the first encryption logic as input, and activates a bypass of the second encryption logic when these addresses correspond to predetermined values. By means of the bypass logic, the second encryption can thus be selectively switched off. This is particularly useful when applying a configuration range as described above, which should be encrypted with the first encryption logic only.
  • Fig. 1 shows diagrammatically the components of a data processing unit according to the invention
  • Fig. 2 shows diagrammatically the addresses in different encryption stages.
  • Fig. 1 shows the essential components of a data processing unit 100 comprising a central processor 10 and a memory module 13 connected thereto.
  • the unit may be particularly a smart card 100 in which the memory 13 is a non-volatile memory storing, for reasons of cost, both program code and data as well as control data and configuration parameters that are to be specially protected.
  • a second encryption logic 12 is arranged according to the invention in the address line between the first encryption logic 11 and the memory 13.
  • the second encryption logic 12 uses a second key KEY2 for its one-to-one transformation C2.
  • this key is not fixed but is stored in a changeable form in the memory 13.
  • the value of the second key KEY2 is read from the memory 13 during the initialization via the data line 19.
  • the second encryption logic 12 is preferably switched off in order that the configuration data of the central processor are always found at the same sites of the memory 13 predetermined by the first encryption logic 11 and the first key KEY1. Such a "fixed" location of the configuration range also provides the possibility of reading the second key KEY2 from the memory 13 only once, during the initialization, so that it is subsequently available to the encryption logic 12.
  • the data processing unit 100 comprises a bypass 15 which bypasses the second encryption logic 12, and a bypass logic 14 which can selectively switch the bypass 15 on and off. Via a line 16, the input of the bypass logic 14 receives the current address Cipher1 encrypted by means of the first encryption logic 11. This value is compared with the two stored values SecRowCipher1 and SecRowCipher2. If Cipher1 is equal to one of the two stored values, the bypass logic 14 activates the bypass 15 so that the memory 13 is accessed while bypassing the second encryption logic 12.
  • the second encryption logic 12 stores the second key KEY2 read from the configuration range of the memory 13 during the initialization in a local memory.
  • the second encryption logic 12 then stores both the Cipher1 address of the configuration range generated with the first key KEY1 as SecRowCipher1, and the Cipher2 address of the configuration range generated with the second key KEY2 as SecRowCipher2. This is effected while the bypass 15 is activated.
  • bypass 15 is then generally deactivated, so that both scramblings C1 and C2 are normally applied to the logic addresses LogAdr.
  • only when the bypass logic 14 recognizes one of the two addresses SecRowCipher1 or SecRowCipher2 stored during the initialization phase as the Cipher1 address at its input does it activate the bypass 15 for this access, so that the second encryption logic 12 is bypassed.
  • the addresses of the configuration range are thus not affected by the second scrambling mapping C2.
  • Fig. 2 diagrammatically shows the scrambling mappings of addresses in the data processing system 100 shown in Fig. 1.
  • the logic addresses LogAdr are first converted by the first encryption logic 11 with the mapping C1 into an address Cipher1.
  • an address Cipher2 which is encrypted twice, is generated from each of these addresses Cipherl, which address Cipher2 indicates a physical memory location PhyAdr of the memory.
  • the above-mentioned displacement of the range X is considerably simplified when the second encryption C2 is its own inverse, so that the identity is obtained upon dual application.
  • the dual application of the second encryption, (C2)^2, can then be dispensed with, and the range X, like the configuration range K, is simply mapped into the memory with the first encryption C1 only.
  • the bypass logic 14 of the data processing unit 100 of Fig. 1 recognizes this situation in that the address SecRowCipher2 is present at its input, which address corresponds to the address K'' of the configuration range in the memory, obtained when applying the first encryption C1 and the second encryption C2 to the configuration range K.
  • the method shown by way of example with reference to the Figures has the advantage that the scrambling of user data can be changed any time, for example, when personalizing the memory 13 for the client, by programming the second key KEY2 in the configuration range so that it can be supplied individually.
  • each manipulation in the configuration range of the memory 13 changing the second key KEY2 leads to an immediate change of the scrambled code of the useful data range and hence to unusable user data, which is comparable with a memory initialization by means of random data.
  • this additional scrambling mechanism for the useful data range does not affect the secure access to the configuration range of the memory 13 during the initialization phase.
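The following model of the address path described above is an added example and is not code from the patent or from Philips. It assumes an 8-bit row address space, takes XOR with the key as the keyed one-to-one mapping for both C1 and C2 (which makes each mapping its own inverse, as the text prefers), and assumes a configuration range K of one row at logical address 0x00 holding only KEY2. The names KEY1, CONF_LOG, ScrambledMemory and the helper functions are this example's own.

```python
"""Two-stage address scrambling between a CPU and its memory, modelled on
the scheme described above.  Added example, not the patent's own code.
Assumptions the text does not fix: an 8-bit row address space (one value
per row); C1 and C2 are XOR with their key, so each is its own inverse as
the text prefers (a product would use a stronger keyed permutation with the
same involution property); the configuration range K is one row at logical
address 0x00 whose only content is the changeable second key KEY2.
"""

ADDR_BITS = 8
ADDR_MASK = (1 << ADDR_BITS) - 1
ROWS = 1 << ADDR_BITS
KEY1 = 0xA5       # first key: fixed in hardware or ROM, identical on every chip
CONF_LOG = 0x00   # logical address of the configuration range K (assumed)


def c1(addr):
    """First encryption logic (11): keyed involution with the fixed KEY1."""
    return (addr ^ KEY1) & ADDR_MASK


def c2(addr, key2):
    """Second encryption logic (12): keyed involution with the changeable KEY2."""
    return (addr ^ key2) & ADDR_MASK


class ScrambledMemory:
    """Memory 13 behind logics 11 and 12, bypass 15 and bypass logic 14."""

    def __init__(self, key2):
        self.phys = [None] * ROWS
        # The configuration row is written with C1 only, so its physical
        # location never depends on KEY2.  It stores KEY2 itself.
        self.phys[c1(CONF_LOG)] = key2
        self.key2 = None      # local copy held by encryption logic 12
        self.sec_row = None   # (SecRowCipher1, SecRowCipher2) in bypass logic 14

    def initialize(self):
        """Reset: bypass active, KEY2 read via C1 only, SecRow addresses stored."""
        sec_row_cipher1 = c1(CONF_LOG)                    # K under C1
        self.key2 = self.phys[sec_row_cipher1]
        sec_row_cipher2 = c2(sec_row_cipher1, self.key2)  # K'' = C2(C1(K))
        self.sec_row = (sec_row_cipher1, sec_row_cipher2)

    def physical(self, log_adr):
        """Address translation for one access, bypass logic included."""
        if self.sec_row is None:
            raise RuntimeError("initialize() must run before scrambled access")
        cipher1 = c1(log_adr)
        s1, s2 = self.sec_row
        if cipher1 == s1:
            return cipher1             # configuration range K: C1 only
        if cipher1 == s2:
            # Range X: C2(C1(x)) would hit K's row.  Applying C2 once more
            # undoes it (C2 is an involution), so X lands on the free row K''.
            return cipher1
        return c2(cipher1, self.key2)  # useful data range: C2(C1(a))

    def read(self, log_adr):
        return self.phys[self.physical(log_adr)]

    def write(self, log_adr, value):
        self.phys[self.physical(log_adr)] = value


def mapping_is_permutation(key2):
    """No two logical rows may share a physical row, whatever KEY2 is."""
    mem = ScrambledMemory(key2)
    mem.initialize()
    return sorted(mem.physical(a) for a in range(ROWS)) == list(range(ROWS))


def range_x_demo(key2):
    """Return (x, naive C2(C1(x)), actual physical row, SecRowCipher1, SecRowCipher2)."""
    mem = ScrambledMemory(key2)
    mem.initialize()
    s1, s2 = mem.sec_row
    x = c1(s2)               # the logical row whose Cipher1 equals SecRowCipher2
    naive = c2(c1(x), key2)  # plain double encryption: collides with K's row
    return x, naive, mem.physical(x), s1, s2


def rekey_scenario():
    """Personalize under one KEY2, overwrite it in K, reset: user data unusable."""
    mem = ScrambledMemory(0x3C)
    mem.initialize()
    user_rows = {0x10: "balance=100", 0x11: "pin=1234", 0x7F: "log"}  # constructed
    for a, v in user_rows.items():
        mem.write(a, v)
    before = {a: mem.read(a) for a in user_rows}
    mem.write(CONF_LOG, 0xC3)  # reprogram KEY2 in the configuration range
    mem.initialize()           # the next reset picks up the new key
    after = {a: mem.read(a) for a in user_rows}
    return before, after, mem.read(CONF_LOG)
```

Two properties are worth checking on any concrete instance of this scheme. `mapping_is_permutation` confirms that the bypass rule keeps the logical-to-physical mapping one-to-one: without it, the single row x with C1(x) = SecRowCipher2 would be scrambled onto the configuration row, which is exactly the collision the text describes, and `range_x_demo` shows that row landing on K'' instead. `rekey_scenario` shows the personalization property: after KEY2 is overwritten in the configuration range and the chip re-initializes, every useful-data row resolves to a different physical row (the old contents are still in the array but unreachable through the address path), while the configuration row, which depends on KEY1 only, is still readable.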


Priority Applications (3)

Application Number Priority Date Filing Date Title
EP02727912A EP1393187A2 (en) 2001-05-17 2002-05-15 Method and device for protecting data transmission between a central processor and a memory
US10/477,984 US20040128458A1 (en) 2001-05-17 2002-05-15 Method and device for protecting data transmission between a central processor and a memory
JP2002589995A JP2004525470A (ja) 2001-05-17 2002-05-15 中央処理装置とメモリとの間でのデータ送信を保護する方法及び装置

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE10124139.9 2001-05-17
DE10124139A DE10124139A1 (de) 2001-05-17 2001-05-17 Verfahren und Vorrichtung zur Sicherung der Datenübertragung zwischen einem Zentralprozessor und einem Speicher

Publications (2)

Publication Number Publication Date
WO2002093387A2 true WO2002093387A2 (en) 2002-11-21
WO2002093387A3 WO2002093387A3 (en) 2003-01-30

Family

ID=7685199

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2002/001690 WO2002093387A2 (en) 2001-05-17 2002-05-15 Method and device for protecting data transmission between a central processor and a memory

Country Status (6)

Country Link
US (1) US20040128458A1 (zh)
EP (1) EP1393187A2 (zh)
JP (1) JP2004525470A (zh)
CN (1) CN1251091C (zh)
DE (1) DE10124139A1 (zh)
WO (1) WO2002093387A2 (zh)

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4630643B2 (ja) * 2004-11-18 2011-02-09 株式会社メガチップス 半導体メモリおよび半導体メモリのテスト方法
EP1768028A1 (en) * 2005-09-22 2007-03-28 STMicroelectronics (Research & Development) Limited Addressing peripherals in an ic
DE102005051577B4 (de) * 2005-10-21 2008-04-30 Engel Solutions Ag Verfahren zur Verschlüsselung bzw. Entschlüsselung von Datenpaketen eines Datenstroms sowie Signalfolge und Datenverarbeitungssystem zur Ausführung des Verfahrens
US8473754B2 (en) 2006-02-22 2013-06-25 Virginia Tech Intellectual Properties, Inc. Hardware-facilitated secure software execution environment
JP5571883B2 (ja) * 2007-06-18 2014-08-13 軒▲ソン▼科技有限公司 デジタル情報の保護方法、装置およびコンピュータによるアクセス可能な記録媒体
CN101577086B (zh) * 2008-05-09 2012-01-04 联阳半导体股份有限公司 串联电路的自动寻址方法及串接数量的自动检测方法
US8375225B1 (en) 2009-12-11 2013-02-12 Western Digital Technologies, Inc. Memory protection
US20150363333A1 (en) * 2014-06-16 2015-12-17 Texas Instruments Incorporated High performance autonomous hardware engine for inline cryptographic processing
KR102208072B1 (ko) 2014-09-01 2021-01-27 삼성전자주식회사 데이터 처리 시스템
US10346318B2 (en) 2016-09-13 2019-07-09 Intel Corporation Multi-stage memory integrity method and apparatus

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US892826A (en) 1907-12-27 1908-07-07 Ira L Graham Reinforced concrete post.
GB2172721A (en) 1985-03-21 1986-09-24 John Angus Robertson Protective software
US5095525A (en) 1989-06-26 1992-03-10 Rockwell International Corporation Memory transformation apparatus and method
US5987572A (en) 1997-09-29 1999-11-16 Intel Corporation Method and apparatus employing a dynamic encryption interface between a processor and a memory

Family Cites Families (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4120030A (en) * 1977-03-11 1978-10-10 Kearney & Trecker Corporation Computer software security system
US4465901A (en) * 1979-06-04 1984-08-14 Best Robert M Crypto microprocessor that executes enciphered programs
US4525599A (en) * 1982-05-21 1985-06-25 General Computer Corporation Software protection methods and apparatus
US4558176A (en) * 1982-09-20 1985-12-10 Arnold Mark G Computer systems to inhibit unauthorized copying, unauthorized usage, and automated cracking of protected software
US4573119A (en) * 1983-07-11 1986-02-25 Westheimer Thomas O Computer software protection system
US4698617A (en) * 1984-05-22 1987-10-06 American Microsystems, Inc. ROM Protection scheme
US4716546A (en) * 1986-07-30 1987-12-29 International Business Machines Corporation Memory organization for vertical and horizontal vectors in a raster scan display system
US5214704A (en) * 1989-10-04 1993-05-25 Teledyne Industries, Inc. Nonlinear dynamic substitution devices and methods for block substitutions
US5081675A (en) * 1989-11-13 1992-01-14 Kitti Kittirutsunetorn System for protection of software in memory against unauthorized use
US5428685A (en) * 1992-01-22 1995-06-27 Fujitsu Limited IC memory card and method of protecting data therein
US6094703A (en) * 1995-02-21 2000-07-25 Micron Technology, Inc. Synchronous SRAM having pipelined memory access enable for a burst of addresses
US5892826A (en) * 1996-01-30 1999-04-06 Motorola, Inc. Data processor with flexible data encryption
JPH09312099A (ja) * 1996-05-21 1997-12-02 Toshiba Microelectron Corp 半導体記憶装置及びそのアクセス方法
KR100201396B1 (ko) * 1996-07-20 1999-06-15 구본준 이피롬의 비화코드 해독 방지회로
US5848159A (en) * 1996-12-09 1998-12-08 Tandem Computers, Incorporated Public key cryptographic apparatus and method
US5943283A (en) * 1997-12-05 1999-08-24 Invox Technology Address scrambling in a semiconductor memory
US6449476B1 (en) * 1999-03-12 2002-09-10 Qualcomm Incorporated System and method for independently downloading features into a set of storage locations in a wireless communication device
JP3389186B2 (ja) * 1999-04-27 2003-03-24 松下電器産業株式会社 半導体メモリカード及び読み出し装置
US7005733B2 (en) * 1999-12-30 2006-02-28 Koemmerling Oliver Anti tamper encapsulation for an integrated circuit
WO2001095115A1 (fr) * 2000-06-02 2001-12-13 Hitachi, Ltd. Memoire permanente a semi-conducteur et procede de gestion de l'information dans un systeme de distribution de l'information

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004097646A2 (de) * 2003-04-25 2004-11-11 Conti Temic Microelectronic Gmbh Verfahren zum betreiben einer datenverarbeitungseinheit sowie datenverarbeitungssystem zur durchführung des verfahrens
WO2004097646A3 (de) * 2003-04-25 2005-04-14 Conti Temic Microelectronic Verfahren zum betreiben einer datenverarbeitungseinheit sowie datenverarbeitungssystem zur durchführung des verfahrens
EP1990782A3 (de) * 2007-05-07 2009-11-18 Giesecke & Devrient GmbH Verfahren zum Speichern von Anwendungsdaten in einen Datenträger mit einem verschlüsselnden Speicher-Controller
WO2010012678A1 (en) * 2008-07-28 2010-02-04 Nagravision S.A. Method and apparatus for enforcing a predetermined memory mapping
EP2151763A1 (en) * 2008-07-28 2010-02-10 Nagravision S.A. Method and apparatus for obfuscating virtual to physical memory mapping
US8347114B2 (en) 2008-07-28 2013-01-01 Nagravision S.A. Method and apparatus for enforcing a predetermined memory mapping

Also Published As

Publication number Publication date
CN1471671A (zh) 2004-01-28
US20040128458A1 (en) 2004-07-01
DE10124139A1 (de) 2002-11-21
WO2002093387A3 (en) 2003-01-30
CN1251091C (zh) 2006-04-12
JP2004525470A (ja) 2004-08-19
EP1393187A2 (en) 2004-03-03

Similar Documents

Publication Publication Date Title
KR100205740B1 (ko) 복수의 마이크로 프로세서들간에 애플리케이션 데이터 및 절차들을 공유하기 위한 보안성 애플리케이션 카드
EP0583140B1 (en) System for seamless processing of encrypted and non-encrypted data and instructions
US5048085A (en) Transaction system security method and apparatus
US5982899A (en) Method for verifying the configuration the computer system
US8843767B2 (en) Secure memory transaction unit
US8839001B2 (en) Infinite key memory transaction unit
EP0885417B1 (en) Access control/crypto system
US5148481A (en) Transaction system security method and apparatus
JP3493047B2 (ja) メモリー・カード
US20040128458A1 (en) Method and device for protecting data transmission between a central processor and a memory
JP2001513929A (ja) 電子的なデータ処理装置およびシステム
WO2005008563A2 (en) Encryption of radio frequency identification tags
JPS6016670B2 (ja) 端末ユ−ザの身元を認証するためのシステム
US20030061494A1 (en) Method and system for protecting data on a pc platform using bulk non-volatile storage
EP1172822A1 (en) Semiconductor device and control device for use therewith
GB2149944A (en) Software distribution
WO1990015211A1 (en) Security system
US6101605A (en) Method and apparatus for performing a secure operation
US5671275A (en) Protection of software programs stored in read-only memory from unauthorized access
US10389530B2 (en) Secure method for processing content stored within a component, and corresponding component
US7085742B2 (en) Authenticating software licenses
US20040117639A1 (en) Secure driver
JPS6210745A (ja) メモリへのアクセスのコントロ−ル方法および装置
US6735697B1 (en) Circuit arrangement for electronic data processing
KR100232086B1 (ko) 보안성 메모리 카드

Legal Events

Date Code Title Description
AK Designated states (kind code A2): CN JP US
AL Designated countries for regional patents (kind code A2): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR
121 Ep: the EPO has been informed by WIPO that EP was designated in this application
WWE Wipo information: entry into national phase, ref document number 028017188, country CN
WWE Wipo information: entry into national phase, ref document number 2002727912, country EP
AK Designated states (kind code A3): CN JP US
AL Designated countries for regional patents (kind code A3): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR
WWE Wipo information: entry into national phase, ref document number 2002589995, country JP
WWE Wipo information: entry into national phase, ref document number 10477984, country US
WWP Wipo information: published in national office, ref document number 2002727912, country EP